Skip to main content

Data Privacy Concerns in 2022 and Beyond

By and January 31, 2022Insights

We may be a little late to Data Privacy Day but we are looking ahead at what a big year for privacy 2022 will be! Below is a timeline of some of the privacy events on the horizon that are on our radar.

What is happening right now?

Schrems II and Google Analytics: The Austrian DPA’s recent decision regarding the use of Google Analytics calls into question any use of a US analytics service where a transfer of users’ data from the EU to the US occurs. Our automated Data Transfer Scanner identifies and sorts Schrems II risk of data flows for further legal handling, including the use of Google Analytics and similar vendors.

April 2022

Google Play Store: Google is launching its own app privacy requirements, similar to Apple’s App Store requirements. Failure to comply may result in app removal from the Google Play Store. Any inconsistencies between the labels and what’s included in an organization’s privacy policy could open up the door for accusations of unfair and deceptive practices.

Our downloadable report and module for Android gives organizations the information they need to meet their Google Play and disclosure requirements, including:

  • Identifying all parties collecting data (as well as which SDKs are integrated into the app);
  • Identifying all data types, including personal information/data (at both a technical – e.g., hashed, encoded, fingerprinting, GAID, etc. – and traditional level); and
  • Determining how each data type is used (e.g., App Functionality and/or Personalization)


  • California, Virginia and Colorado:The CPRA, which largely expands the CCPA, Colorado and Virginia privacy laws go into effect in 2023.
  • Deprecation of third-party cookies: Chrome is projected to phase out the use of third-party cookies starting in 2023, causing many stakeholders to rely on persistent identifiers (hashed or otherwise) which will only raise the stakes in the land of privacy.

We can help with your state law privacy efforts, put a roadmap in place to prepare for deprecation of third-party cookies, and assist in identifying which data is shared/collected from your website and mobile app to ensure relevant agreements are executed and any unintended data collection/transmission is mitigated.

If you want to discuss any privacy concerns you have or see how NT Analyzer could help you specifically, please let us know and we are happy to make some time.

Steven Roosa

Author Steven Roosa

Steven B. Roosa advises companies on a wide spectrum of technology and legal issues pertaining to privacy and data security. Steve serves as partner in Norton Rose Fulbright's New York office and oversees the firm's privacy compliance tool suite, NT Analyzer.

More posts by Steven Roosa
Steven Roosa

Author Daniel Rosenzweig

Daniel B. Rosenzweig is a lawyer in Norton Rose Fulbright's Data Protection, Privacy and Cybersecurity practice group in the New York office. Daniel is part of the core team that oversees NT Analyzer to help clients navigate the complex data protection and privacy landscape.

More posts by Daniel Rosenzweig